Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-20430

Summary
Assigner-MediaTek
Assigner Org ID-ee979b05-11f8-4f25-a7e0-a1fa9c190374
Published At-02 Mar, 2026 | 08:39
Updated At-03 Mar, 2026 | 04:55
Rejected At-
Credits

In wlan AP FW, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00467553; Issue ID: MSV-5151.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:MediaTek
Assigner Org ID:ee979b05-11f8-4f25-a7e0-a1fa9c190374
Published At:02 Mar, 2026 | 08:39
Updated At:03 Mar, 2026 | 04:55
Rejected At:
â–¼CVE Numbering Authority (CNA)

In wlan AP FW, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00467553; Issue ID: MSV-5151.

Affected Products
Vendor
MediaTek Inc.MediaTek, Inc.
Product
MT6890, MT7915, MT7916, MT7981, MT7986
Versions
Affected
  • SDK release 7.6.7.3 and before / openWRT 19.07, 21.02, 23.05
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787 Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://corp.mediatek.com/product-security-bulletin/March-2026
N/A
Hyperlink: https://corp.mediatek.com/product-security-bulletin/March-2026
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@mediatek.com
Published At:02 Mar, 2026 | 09:16
Updated At:02 Mar, 2026 | 22:05

In wlan AP FW, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00467553; Issue ID: MSV-5151.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.8HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
MediaTek Inc.
mediatek
>>software_development_kit>>Versions up to 7.6.7.3(inclusive)
cpe:2.3:a:mediatek:software_development_kit:*:*:*:*:*:*:*:*
OpenWrt
openwrt
>>openwrt>>19.07.0
cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*
OpenWrt
openwrt
>>openwrt>>21.02.0
cpe:2.3:o:openwrt:openwrt:21.02.0:-:*:*:*:*:*:*
OpenWrt
openwrt
>>openwrt>>23.05.0
cpe:2.3:o:openwrt:openwrt:23.05.0:-:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt6890>>-
cpe:2.3:h:mediatek:mt6890:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7915>>-
cpe:2.3:h:mediatek:mt7915:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7916>>-
cpe:2.3:h:mediatek:mt7916:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7981>>-
cpe:2.3:h:mediatek:mt7981:-:*:*:*:*:*:*:*
MediaTek Inc.
mediatek
>>mt7986>>-
cpe:2.3:h:mediatek:mt7986:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Secondarysecurity@mediatek.com
CWE ID: CWE-787
Type: Secondary
Source: security@mediatek.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://corp.mediatek.com/product-security-bulletin/March-2026security@mediatek.com
Vendor Advisory
Hyperlink: https://corp.mediatek.com/product-security-bulletin/March-2026
Source: security@mediatek.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

698Records found
CVE-2023-20775
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.58%
||
7 Day CHG-0.01%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07978760; Issue ID: ALPS07363410.

Action-Not Available
Vendor-MediaTek Inc.Google LLCOpenWrt
Product-mt6855mt6757cdmt6879mt6873mt6893mt6990mt6886mt6983mt8183mt6765mt6757cmt6853topenwrtmt6835mt6739mt6757mt6761mt6889mt6768mt8781mt6985mt6890mt6771mt6833mt6885mt8673mt6877mt6781mt8195mt6853mt6895mt8168mt6789androidmt6757chmt6779mt6785mt6763MT6739, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6983, MT6985, MT6990, MT8168, MT8183, MT8195, MT8673, MT8781
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20654
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.40%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-17 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589148.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6761mt6853tmt6785mt6771mt8385mt8797mt6580mt8321mt8791tmt6737mt8795tmt8791mt6879mt6877mt8788mt6735mt6883mt6757cdmt6895mt8789mt8891mt6753mt8781mt6855mt8786mt6893mt8667mt6983mt8798mt6781mt6891mt8771mt8666mt8675mt8185mt8766mt6739mt6779mt6762mt6769mt6757chmt6768mt6833mt6731mt6873mt8192mt6757cmt8765mt6757mt8673mt6889mt8768mt6853mt8871mt6789mt6765mt6763mt6875mt6885MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8192, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20758
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.33%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 21:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cmdq, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07636130.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt6771mt6833mt6885mt6877mt6781mt6853mt6883mt6853tandroidmt6739mt8789mt8797mt6889mt6768mt6785mt8786MT6739, MT6768, MT6771, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8786, MT8789, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20652
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.66%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-13 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589135.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6769mt8788mt6853mt6891mt8192mt6895mt6983mt8871mt6757cdmt8185mt8786mt6889mt6873mt6737mt8766mt8765mt6739mt6833mt8891mt6765mt8385mt6883mt6753mt6789mt8771mt6785mt6735mt6731mt6855mt6877mt8781mt6771mt6580mt6853tmt8795tmt8321mt8667mt8789mt6779mt6762mt6885mt6757mt8666mt6768mt6781mt6879mt6893mt8768mt8675mt6763mt8791mt8791tandroidmt8797mt6757chmt6875mt8798mt6761mt8673mt6757cMT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8192, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8871, MT8891
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20732
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.24%
||
7 Day CHG-0.01%
Published-06 Jun, 2023 | 12:11
Updated-08 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573480; Issue ID: ALPS07573480.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6855mt8175mt6873mt6893mt6886mt8788mt6983mt7902mt8666mt8167mt6765mt7663mt6891mt6883mt7921mt6835mt6769mt6761mt6875mt6889mt8362amt6768mt8781mt6985mt8695mt8167smt8385mt6833mt6885mt8518yoctomt6877mt6762mt6781mt8365mt8195mt6853mt6895mt6789androidmt6779mt6785mt7668mt8532mt6879mt8173MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT7663, MT7668, MT7902, MT7921, MT8167, MT8167S, MT8173, MT8175, MT8195, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8666, MT8695, MT8781, MT8788
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20757
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.58%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 21:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cmdq, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07636133.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt6771mt6833mt6885mt6877mt6853mt6883mt6853tandroidmt6739mt8789mt8797mt6889mt6768mt6785mt8786MT6739, MT6768, MT6771, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8786, MT8789, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20656
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.64%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-17 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In geniezone, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571494; Issue ID: ALPS07571494.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-androidmt6785mt6771mt8385mt8797mt8321mt8791tmt8795tmt6879mt6877mt8788mt6883mt6895mt8789mt8781mt6855mt8786mt6893mt8798mt6983mt6781mt8771mt8766mt6779mt6768mt6833mt6873mt8765mt6889mt8768mt6853mt6789mt6765mt6885MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6889, MT6893, MT6895, MT6983, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20695
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.51%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 00:00
Updated-23 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only).

Action-Not Available
Vendor-MediaTek Inc.Google LLCOpenWrt
Product-mt8791mt8766androidmt8185mt6980mt8789mt6985mt8321mt8667mt8788mt8365openwrtmt8395mt6890mt8666mt8385mt6990mt8797mt8167mt8195mt8175mt8675mt8768mt8673mt6835mt8786mt8781mt8791tmt6880mt8765mt6886MT6835, MT6880, MT6886, MT6890, MT6980, MT6985, MT6990, MT8167, MT8175, MT8185, MT8195, MT8321, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20806
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.58%
||
7 Day CHG-0.01%
Published-07 Aug, 2023 | 03:21
Updated-17 Oct, 2024 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In hcp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07537437.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6895mt8188androidmt8395mt8673mt6983mt8195mt2713mt6879MT2713, MT6879, MT6895, MT6983, MT8188, MT8195, MT8395, MT8673mt6895mt8188mt8395mt8673mt6983mt8195mt2713mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20804
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.58%
||
7 Day CHG-0.01%
Published-07 Aug, 2023 | 03:21
Updated-22 Oct, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326384.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6895mt8188androidmt8395mt8673mt6983yoctomt8195mt2713mt6879MT2713, MT6879, MT6895, MT6983, MT8188, MT8195, MT8395, MT8673mt6895mt8188androidmt8395mt8673mt6983mt8195yoctomt2713mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20809
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.58%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 03:21
Updated-22 Oct, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03751198; Issue ID: DTV03751198.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt9631mt9011mt9688mt9615mt9022mt9030mt9012mt5695mt9667mt9221mt9670mt9617mt9215mt9031mt9216mt9636mt9611mt9021mt5583mt9222mt9652mt9629mt9218mt9639mt9266mt9255mt9269mt9016mt9256mt9610mt9612mt9638mt9220mt9675mt9288mt9666mt9669mt9285mt9600mt9286mt9650mt9632mt9671mt9020mt9685mt9613mt9010mt9602mt9032androidmt9686mt9630mt5691MT5583, MT5691, MT5695, MT9010, MT9011, MT9012, MT9016, MT9020, MT9021, MT9022, MT9030, MT9031, MT9032, MT9215, MT9216, MT9218, MT9220, MT9221, MT9222, MT9255, MT9256, MT9266, MT9269, MT9285, MT9286, MT9288, MT9600, MT9602, MT9610, MT9611, MT9612, MT9613, MT9615, MT9617, MT9629, MT9630, MT9631, MT9632, MT9636, MT9638, MT9639, MT9650, MT9652, MT9666, MT9667, MT9669, MT9670, MT9671, MT9675, MT9685, MT9686, MT9688mt9631mt9011mt9688mt9615mt9022mt9030mt9012mt5695mt9667mt9221mt9670mt9617mt9215mt9031mt9216mt9636mt9611mt9021mt5583mt9222mt9652mt9629mt9218mt9639mt9266mt9255mt9269mt9016mt9256mt9610mt9612mt9638mt9220mt9675mt9288mt9666mt9669mt9285mt9600mt9286mt9650mt9632mt9671mt9020mt9685mt9613mt9010mt9602mt9032androidmt9686mt9630mt5691
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20796
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.33%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 03:21
Updated-17 Oct, 2024 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929790; Issue ID: ALPS07929790.

Action-Not Available
Vendor-rdkcentralMediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt6855mt6990mt6985mt6873mt6893mt8786mt2735mt6890mt6879mt6833mt6886mt6983yoctomt6877mt6853mt6980mt6895mt8168mt6789openwrtmt6835mt6880mt8768androidmt8321mt2737mt8781rdk-bMT2735, MT2737, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6880, MT6886, MT6890, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8168, MT8321, MT8768, MT8781, MT8786
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20739
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.97%
||
7 Day CHG-0.01%
Published-06 Jun, 2023 | 12:11
Updated-07 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559819.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6757cdmt6879mt6873mt6893mt8765mt6886mt8788mt8791tmt6983mt6765mt6757cmt6891mt6737mt6883mt6853tmt6835mt6739mt6757mt8768mt8789mt6769mt6761mt6875mt6889mt8797mt8321mt6768mt8781mt8766mt8786mt6985mt6771mt6833mt6885mt6735mt6753mt6762mt6877mt6781mt6853mt6895mt6789androidmt6757chmt6779mt6785mt6763MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8365, MT8395, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20740
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.97%
||
7 Day CHG-0.01%
Published-06 Jun, 2023 | 12:11
Updated-07 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559840.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6855mt6873mt6893mt8765mt8395mt8788mt8791tmt8167mt6891mt6883mt6853tmt6835mt8768mt8789mt6769mt6875mt8797mt6889mt8321mt6768mt8781mt8766mt8786mt6833mt6885yoctomt6877mt6781mt8365mt6853iot-yoctomt8168mt6789androidmt8185mt8791mt6779mt6785mt8173MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8167, MT8168, MT8173, MT8185, MT8321, MT8365, MT8395, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20805
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.58%
||
7 Day CHG-0.01%
Published-07 Aug, 2023 | 03:21
Updated-22 Oct, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07199773; Issue ID: ALPS07326411.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6895mt8188androidmt8395mt8673mt6983yoctomt8195mt2713mt6879MT2713, MT6879, MT6895, MT6983, MT8188, MT8195, MT8395, MT8673mt6895mt8188androidmt8395mt8673mt6983mt8195yoctomt2713mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20832
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.13%
||
7 Day CHG-0.01%
Published-04 Sep, 2023 | 02:27
Updated-04 Oct, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08013530.

Action-Not Available
Vendor-rdkcentralMediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt6855mt6990mt8175mt6873mt6893mt2735mt6886mt6983mt8167mt6765mt6891mt6883mt6853topenwrtmt6835mt6880mt6769mt6761mt6875mt6889mt8362amt6768rdk-bmt6985mt6890mt8167smt6833mt6885yoctomt6877mt6762mt8365mt8195mt6853mt6980mt6895mt8168androidmt6779mt6879MT2735, MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8167, MT8167S, MT8168, MT8175, MT8195, MT8362A, MT8365mt6855mt6990mt8175mt6873mt6893mt2735mt6886mt6983mt8167mt6765mt6891mt6883mt6853tmt6835mt6880mt6875mt6761mt6769mt6889mt8362amt6768mt6985mt6890mt8167smt6833mt6885mt6877mt6762mt8365mt8195mt6853mt6980mt6895mt8168androidmt6779mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20725
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.26%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 12:12
Updated-07 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only).

Action-Not Available
Vendor-rdkcentralMediaTek Inc.Google LLCOpenWrt
Product-mt6855mt6990mt8175mt6873mt6893mt6580mt6886mt8788mt6983mt8167mt6765mt6883mt6853topenwrtmt6835mt6739mt6880mt8789mt6761mt6889mt6768mt8781rdk-bmt6985mt6890mt8385mt6833mt6885mt8673mt6877mt6781mt8365mt8195mt6853mt6980mt6895mt6789androidmt6779mt6785mt6879MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8167, MT8175, MT8195, MT8365, MT8385, MT8673, MT8781, MT8788, MT8789
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20784
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.58%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 03:21
Updated-14 Nov, 2024 | 14:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6757cdmt6879mt6873mt6893mt8675mt8765mt6580mt6886mt8788mt8791tmt6983mt8666mt6765mt6757cmt6891mt6737mt6883mt6853tmt6835mt6739mt6757mt8768mt8789mt6769mt6761mt6875mt6889mt8797mt8321mt6768mt8781mt8766mt8786mt6985mt6771mt8385mt6833mt6885mt8673mt6735mt6753mt6762mt6877mt6781mt6853mt6895mt6789androidmt6757chmt8185mt8791mt6779mt6785mt6731mt6763MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20759
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.33%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 21:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In cmdq, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07634601.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt6893mt6771mt6833mt6885mt6877mt6781mt6853mt6883mt6853tandroidmt6739mt8789mt8797mt6889mt6768mt6785mt8786MT6739, MT6768, MT6771, MT6781, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8786, MT8789, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20716
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.26%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 12:11
Updated-07 Jan, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796883; Issue ID: ALPS07796883.

Action-Not Available
Vendor-Linux Kernel Organization, IncGoogle LLCMediaTek Inc.The Linux Foundation
Product-mt6855mt6879mt8175mt8788mt6983mt7902mt7663mt5221mt8768mt8789mt8797mt8362amt8781mt8766mt8786mt8695mt8167smt8385mt8673mt8518yoctomt8365mt6895iot-yoctomt8168mt6789linux_kernelandroidmt8791mt7668mt8532mt7921MT5221, MT6789, MT6855, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8175, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8673, MT8695, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20766
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.58%
||
7 Day CHG-0.01%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 21:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573202.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6879mt8175mt6873mt6893mt8675mt8765mt6580mt6886mt8788mt8791tmt6983mt8666mt8167mt6765mt6891mt6853tmt6739mt6757mt8768mt8789mt6769mt6761mt6875mt8797mt8321mt6768mt8362amt8781mt8766mt8786mt6985mt6771mt8385mt6833mt6735mt6753mt6762mt6877mt6781mt8365mt6853mt8667mt6895mt8168mt6789androidmt8185mt8791mt6779mt6785mt6763mt8173MT6580, MT6735, MT6739, MT6753, MT6757, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6886, MT6891, MT6893, MT6895, MT6983, MT6985, MT8167, MT8168, MT8173, MT8175, MT8185, MT8321, MT8362A, MT8365, MT8385, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20767
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.58%
||
7 Day CHG-0.01%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 21:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629584.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6895mt6985mt8168androidmt6886mt8673mt6983mt8195mt8167mt6879MT6879, MT6886, MT6895, MT6983, MT6985, MT8167, MT8168, MT8195, MT8673
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20815
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.78%
||
7 Day CHG-0.01%
Published-07 Aug, 2023 | 03:22
Updated-22 Oct, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453587; Issue ID: ALPS07453587.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6985mt6873mt6893mt6833mt6580mt6886mt6885mt6983mt6877mt6781mt6765mt6891mt6883mt6853mt6895mt6853tmt6739androidmt6875mt6761mt6889mt6768mt6779mt6879MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985mt6855mt6985mt6873mt6893mt6833mt6580mt6886mt6885mt6983mt6877mt6781mt6765mt6891mt6883mt6853mt6895mt6853tmt6739androidmt6875mt6761mt6889mt6768mt6779mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20841
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.01% / 1.25%
||
7 Day CHG-0.01%
Published-04 Sep, 2023 | 02:27
Updated-21 Oct, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441.

Action-Not Available
Vendor-Linux Kernel Organization, IncGoogle LLCMediaTek Inc.The Linux Foundation
Product-mt6895linux_kernelmt8188androidmt8395mt8673mt6983iot_yoctoyoctomt6897mt2713mt8195MT2713, MT6895, MT6897, MT6983, MT8188, MT8195, MT8395, MT8673mt8673
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20720
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.24%
||
7 Day CHG-0.01%
Published-15 May, 2023 | 00:00
Updated-24 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629586; Issue ID: ALPS07629586.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6895mt6983mt8673androidmt8195mt8167mt8168MT6895, MT6983, MT8167, MT8168, MT8195, MT8673
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20630
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.66%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 00:00
Updated-05 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628505; Issue ID: ALPS07628505.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8675mt6580mt8167mt6781mt6739mt6885mt6855mt6983mt6895mt6761mt8168mt6771mt6833mt6789mt6768mt6765mt6893mt6735mt6853mt6873mt6763mt6779mt6785mt8666androidMT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6885, MT6893, MT6895, MT6983, MT8167, MT8168, MT8666, MT8675
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20632
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.66%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 00:00
Updated-05 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628506; Issue ID: ALPS07628506.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8675mt6580mt8167mt6781mt6739mt6885mt6855mt6983mt6895mt6761mt8168mt6771mt6833mt6789mt6768mt6765mt6893mt6735mt6853mt6873mt6763mt6779mt6785mt8666androidMT6580, MT6735, MT6739, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6885, MT6893, MT6895, MT6983, MT8167, MT8168, MT8666, MT8675
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20738
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.26%
||
7 Day CHG-0.01%
Published-06 Jun, 2023 | 12:11
Updated-07 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8175mt6873mt6893mt5838mt5696mt8395mt8791tmt5836mt9649mt6891mt6883mt9000mt9653mt9015mt9618mt6853tmt9023mt8789mt6769mt6875mt8797mt6889mt9687mt6768mt9952mt8781mt8786mt6833mt6885mt8673yoctomt9902mt6877mt6781mt8365mt8195mt6853mt9932iot-yoctomt8168mt6789androidmt9972mt9679mt9689mt6779mt6785mt9982mt9025MT5696, MT5836, MT5838, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8175, MT8195, MT8365, MT8395, MT8673, MT8781, MT8786, MT8789, MT8791T, MT8797, MT9000, MT9015, MT9023, MT9025, MT9618, MT9649, MT9653, MT9679, MT9687, MT9689, MT9902, MT9932, MT9952, MT9972, MT9982
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20812
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.84%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 03:22
Updated-28 Oct, 2024 | 02:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944987; Issue ID: ALPS07944987.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6896mt6855mt6985mt6873mt6893mt6833mt6885mt6983mt6783mt6877mt6762mt6781mt8365mt6765mt6891mt6883mt6853mt6895mt6789androidmt6769mt6761mt6875mt6889iot_yoctomt6768mt6785mt6879MT6761, MT6762, MT6765, MT6768, MT6769, MT6781, MT6783, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6896, MT6983, MT6985, MT8365
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20807
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.58%
||
7 Day CHG-0.01%
Published-07 Aug, 2023 | 03:21
Updated-15 Oct, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In dpe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608433; Issue ID: ALPS07608433.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6895mt8188androidmt8395mt8673mt6983mt2713mt8195MT2713, MT6895, MT6983, MT8188, MT8195, MT8395, MT8673mt6895mt8188mt8395mt8673mt6983mt2713mt8195
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20701
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.10%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 00:00
Updated-24 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643270; Issue ID: ALPS07643270.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6781mt6853tmt6855mt8789mt6889mt6893mt6833mt6762mt6769mt6765androidmt6877mt8195mt8768mt6879mt6768mt6785mt8786mt6873mt6891mt6853mt6789mt8788mt6883mt8797mt6875mt6885mt6779MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8768, MT8786, MT8788, MT8789, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20816
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.72%
||
7 Day CHG-0.01%
Published-07 Aug, 2023 | 03:22
Updated-22 Oct, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453589; Issue ID: ALPS07453589.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6985mt6873mt6893mt6833mt6580mt6886mt6885mt6983mt6877mt6781mt6765mt6891mt6883mt6853mt6895mt6853tmt6739androidmt6875mt6761mt6889mt6768mt6779mt6879MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985mt6855mt6985mt6873mt6893mt6833mt6580mt6886mt6885mt6983mt6877mt6781mt6765mt6891mt6883mt6853mt6895mt6853tmt6739androidmt6875mt6761mt6889mt6768mt6779mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20696
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.51%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 00:00
Updated-23 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only).

Action-Not Available
Vendor-MediaTek Inc.Google LLCOpenWrt
Product-mt8791mt8766androidmt8185mt8789mt8321mt8667mt8788mt8365openwrtmt6890mt8666mt8385mt8797mt8167mt8195mt8175mt8675mt8768mt8673mt8781mt8786mt8791tmt6880mt8765mt8395MT6880, MT6890, MT8167, MT8175, MT8185, MT8195, MT8321, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20830
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.13%
||
7 Day CHG-0.01%
Published-04 Sep, 2023 | 02:27
Updated-10 Oct, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014156.

Action-Not Available
Vendor-rdkcentralMediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt6855mt6990mt6873mt6893mt2735mt6886mt6983mt8167mt6765mt6891mt6883mt6853topenwrtmt6835mt6880mt6769mt6761mt6875mt6889mt8362amt6768mt8781rdk-bmt6985mt6890mt8167smt6833mt6885yoctomt6762mt6877mt8365mt8195mt6853mt6980mt6895mt8168androidmt6779mt2713mt6879mt8173MT2713, MT2735, MT6761, MT6762, MT6765, MT6768, MT6769, MT6779, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6980, MT6983, MT6985, MT6990, MT8167, MT8167S, MT8168, MT8173, MT8195, MT8362A, MT8365, MT8781mt6855mt6990mt6873mt6893mt2735mt6886mt6983mt8167mt6765mt6891mt6883mt6853tmt6835mt6880mt6769mt6761mt6875mt6889mt8362amt6768mt8781mt6985mt6890mt8167smt6833mt6885mt6877mt6762mt8365mt8195mt6853mt6980mt6895mt8168androidmt6779mt2713mt6879mt8173
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20721
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-8.4||HIGH
EPSS-0.01% / 1.06%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 00:00
Updated-24 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07162155; Issue ID: ALPS07162155.

Action-Not Available
Vendor-yoctoprojectGoogle LLCMediaTek Inc.
Product-mt6895mt6983mt8673androidmt8395yoctomt8195mt6879MT6879, MT6895, MT6983, MT8195, MT8395, MT8673
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2020-7248
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.11% / 77.95%
||
7 Day CHG~0.00%
Published-16 Mar, 2020 | 20:49
Updated-04 Aug, 2024 | 09:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libubox in OpenWrt before 18.06.7 and 19.x before 19.07.1 has a tagged binary data JSON serialization vulnerability that may cause a stack based buffer overflow.

Action-Not Available
Vendor-n/aOpenWrt
Product-openwrtn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20125
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 6.00%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 03:06
Updated-22 Apr, 2025 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained System privileges. User interaction is not needed for exploitation. Patch ID: ALPS09046782; Issue ID: MSV-1728.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8390mt8195mt8370mt8771mt6885mt6889mt6768mt8395mt6855mt6886mt8321mt6873mt8768mt6833mt8365mt8781mt8797mt6761mt8666mt6789mt6985mt8175mt8766mt8667mt6580mt8798mt6785mt6877mt8765mt8786mt8385mt6781mt6779mt6893mt6765mt6835mt8673mt6853androidmt6983mt6879mt6883mt6895mt8788mt8791tMT6580, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8175, MT8195, MT8321, MT8365, MT8370, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8791T, MT8797, MT8798mt6855mt8175mt6873mt6893mt8765mt6580mt6886mt8370mt8395mt8788mt8791tmt6983mt8666mt6765mt6883mt8390mt6835mt8768mt6761mt8797mt6889mt8321mt6768mt8781mt8766mt8786mt6985mt8385mt6833mt6885mt8673mt6877mt6781mt8365mt8195mt6853mt8667mt6895mt6789mt8798mt6779mt6785mt8771mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20141
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.02% / 3.33%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 03:23
Updated-03 Feb, 2025 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In V5 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291402; Issue ID: MSV-2073.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6779mt8771mt6739mt8795tmt8789mt8395mt8365mt8791tmt8362amt8666mt6877mt8167mt8675mt6781mt8175mt6873mt6885mt8786mt6833mt8768mt6771mt6853mt6893mt8321mt8798mt8673mt8775mt6765mt8667mt8185mt8765mt8766mt6785mt8678mt8781mt6761mt8385mt6768mt8788mt8797androidmt8893mt8195mt8167sMT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8167, MT8167S, MT8175, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8395, MT8666, MT8667, MT8673, MT8675, MT8678, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798, MT8893
CWE ID-CWE-123
Write-what-where Condition
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20121
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.98%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:49
Updated-22 Apr, 2025 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1574.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8775mt6989mt8771mt8798mt6768mt6855mt8789mt6886mt8321mt8792mt8765mt8796mt8786mt8385mt8768mt8795tmt6833mt6893mt6765mt6835mt8797mt6853androidmt6983mt6879mt8788mt8781mt8791tmt8766MT6765, MT6768, MT6833, MT6835, MT6853, MT6855, MT6879, MT6886, MT6893, MT6983, MT6989, MT8321, MT8385, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8792, MT8795T, MT8796, MT8797, MT8798mt6855mt6893mt8765mt8786mt8385mt6833mt6886mt8788mt8791tmt6983mt6989mt6765mt6853mt8798mt6835mt8768mt8789androidmt8792mt8797mt8321mt6768mt8775mt8795tmt8796mt8771mt8781mt8766mt6879
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20110
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.98%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:48
Updated-22 Apr, 2025 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065887; Issue ID: MSV-1762.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6893mt8195mt6765mt6885mt6768mt6877mt6853androidmt6873mt6833mt8188MT6765, MT6768, MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8188, MT8195mt6873mt6893mt8188androidmt6833mt6885mt6768mt6877mt6765mt8195mt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20140
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.02%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 03:17
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09270402; Issue ID: MSV-2020.

Action-Not Available
Vendor-MediaTek Inc.The Linux FoundationGoogle LLC
Product-mt6893mt8532mt6885mt6768mt8518smt6739mt6877mt6761mt6853androidmt6781mt6833yoctoMT6739, MT6761, MT6768, MT6781, MT6833, MT6853, MT6877, MT6885, MT6893, MT8518S, MT8532
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20113
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.98%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 01:48
Updated-22 Apr, 2025 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09036814; Issue ID: MSV-1715.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8195mt6765mt6768androidmt8188MT6765, MT6768, MT8188, MT8195mt8188androidmt6768mt6765mt8195
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20144
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.05% / 16.44%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 03:17
Updated-22 Apr, 2025 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056; Issue ID: MSV-2041.

Action-Not Available
Vendor-rdkcentralMediaTek Inc.Google LLCOpenWrtThe Linux Foundation
Product-mt8390mt6989mt8370mt6885mt6768mt6855mt6886mt6771mt6873mt6990mt6897mt6878mt6833mt6880mt8676mt6739mt6761rdk-bmt6789mt6985mt6785mt6877mt6781mt6779openwrtmt6893mt6765mt6835mt6980mt6890mt6853androidmt6879mt6895yoctomt2737MT2737, MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6878, MT6879, MT6880, MT6885, MT6886, MT6890, MT6893, MT6895, MT6897, MT6980, MT6985, MT6989, MT6990, MT8370, MT8390, MT8676
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20099
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.98%
||
7 Day CHG-0.02%
Published-07 Oct, 2024 | 02:35
Updated-25 Apr, 2025 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08997492; Issue ID: MSV-1625.

Action-Not Available
Vendor-The Linux FoundationGoogle LLCMediaTek Inc.
Product-mt6853mt6877mt6768mt6893yoctomt8532mt6833androidMT6768, MT6833, MT6853, MT6877, MT6893, MT8532mt6893androidmt6833mt6768mt6877mt8532mt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20057
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-7.2||HIGH
EPSS-0.04% / 11.15%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 02:51
Updated-30 Apr, 2025 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08587881; Issue ID: ALPS08587881.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6877mt6855mt8771mt6886mt8755mt8789mt6761mt6895mt8385mt6897androidmt8765mt8788mt8786mt6768mt8781mt6835mt6893mt6765mt6833mt6983mt8791tmt6781mt6889mt6789mt6779mt6873mt8792mt6853mt6879mt8321mt8795tmt8796mt6885mt6883mt6785mt8766mt8768MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6983, MT8321, MT8385, MT8755, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8792, MT8795T, MT8796mt6883mt8321mt6893mt8789mt8781mt8795tmt8771mt6885mt6879mt8786mt6853mt6897mt8768mt6765mt8766mt6983mt6877mt6886mt8765mt8385mt6855mt8792mt6833mt8755mt6889mt8788mt6895mt6789mt8796mt6835mt6761mt6785mt6781mt6779mt8791tmt6873mt6768
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20006
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.05% / 15.36%
||
7 Day CHG~0.00%
Published-05 Feb, 2024 | 05:59
Updated-16 Dec, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477148; Issue ID: ALPS08477148.

Action-Not Available
Vendor-rdkcentralOpenWrtGoogle LLCMediaTek Inc.
Product-mt6890openwrtandroidmt6880mt8188tmt2713mt6781rdk-bMT2713, MT6781, MT6880, MT6890, MT8188Tmt6781mt2713mt6890mt8188tmt6880
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20018
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.74% / 72.65%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 02:43
Updated-22 Apr, 2025 | 20:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019.

Action-Not Available
Vendor-MediaTek Inc.
Product-mt7615software_development_kitMT7615mt7615
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20075
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.98%
||
7 Day CHG-0.02%
Published-03 Jun, 2024 | 02:04
Updated-13 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In eemgpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08713302; Issue ID: MSV-1393.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8185mt8786mt6873androidmt8789mt6877mt6833mt8675mt6885mt6893mt6853MT6833, MT6853, MT6873, MT6877, MT6885, MT6893, MT8185, MT8675, MT8786, MT8789mt8185mt8786mt6873androidmt8789mt6877mt6833mt8675mt6885mt6893mt6853
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20782
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-26 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20697
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.40%
||
7 Day CHG~0.00%
Published-04 Aug, 2025 | 01:49
Updated-26 Feb, 2026 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8775mt6897mt6765mt6877mt8678mt8883mt8873mt8796mt6989mt6761mt6991androidmt6883mt8391mt6878mt6885mt8786mt6879mt6893mt8792mt6855mt8788emt6768mt2718mt8196mt6853mt8186mt6889mt8893MT2718, MT6761, MT6765, MT6768, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6889, MT6893, MT6897, MT6989, MT6991, MT8186, MT8196, MT8391, MT8678, MT8775, MT8786, MT8788E, MT8792, MT8796, MT8873, MT8883, MT8893
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 13
  • 14
  • Next
Details not found